Technical Information
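- [<HKLM>\SYSTEM\ControlSet001\Services\AppMgmt\Parameters] 'ServiceDll' = '<SYSTEM32>\appmgmt.dll' (the DLL that the service host loads for the AppMgmt service; AppMgmt is also the name of the built-in Windows Application Management service, so the on-disk DLL should be verified against a known-good copy)
- [<HKLM>\SYSTEM\ControlSet001\Services\AppMgmt] 'Start' = '00000002' (service start type 2 = automatic start at boot)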
- %TEMP%\TMP1.tmp
- %TEMP%\TMP2.tmp
- <SYSTEM32>\appmgmt.dll
- <SYSTEM32>\powerprof.dll
- %WINDIR%\Temp\~DF71.tmp
- %TEMP%\TMP1.tmp
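- 'ww##.#kav2010.net':8080
- '19#.#70.1.128':443
- '19#.#70.3.12':8800
- '19#.#70.51.100':8080
- '19#.#70.91.133':443
- DNS ASK (DNS query) ww##.#kav2010.net
- Note: the '#' characters in the host name and addresses above appear to be masking applied in this report, so these values are partial and should not be matched as literal indicators.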
- '<SYSTEM32>\rundll32.exe' appmgmt.dll,CsSetOptions dd (rundll32 invoking the CsSetOptions export of appmgmt.dll with the argument 'dd')